NAME
    Dpchrist::CGI - utility subroutines for CGI scripts

DESCRIPTION
    This documentation describes module revision $Revision: 1.45 $.

    This is alpha test level software and may change or disappear at any
    time.

  GLOBALS
   %CHECKBOX_ARGS
        %CHECKBOX_ARGS = ();

    Default argments used by gen_checkbox().

   $CHECKSUM_SALT
        $CHECKSUM_SALT = join ' ', __PACKAGE__, __FILE__, __LINE__;

    Default hashing salt used by gen_hidden_checksum(). Caller should set
    this value after use'ing this module.

   %PASSWORD_FIELD_ARGS
        %PASSWORD_FIELD_ARGS = (
            -size      => 70,
            -maxlength => 80,
        );

    Default argments used by gen_password().

   $RX_UNTAINT_CHECKBOX
        $RX_UNTAINT_CHECKBOX = qr/(on)/;

    Regular expression used for untainting paths.

   $RX_UNTAINT_PATH
        $RX_UNTAINT_PATH = qr/([^\x00]+)/;

    Regular expression used for untainting paths.

   $RX_UNTAINT_TEXTAREA
        $RX_UNTAINT_TEXTAREA = qr/([\PC\n\r]+)/;

    Regular expression used for untainting textareas.

   $RX_UNTAINT_TEXTFIELD
        $RX_UNTAINT_TEXTFIELD = qr/([\PC]+)/;

    Regular expression used for untainting textfields and password fields.

   %TD_ATTR
        %TD_ATTR = (
            -align  => 'LEFT', 
            -valign => 'TOP',
        );

    Default attributes used by gen_td().

   %TEXTAREA_ARGS
        TEXTAREA_ARGS = (    
            -maxlength => 32*1024,
            -columns   => 80,
            -rows      => 24,
            -wrap      => 'physical',
        );

    Default arguments used by gen_textarea().

   %TEXTFIELD_ARGS
        %TEXTFIELD_ARGS = (
            -size      => 70,
            -maxlength => 80,
        );

    Default arguments used by gen_textfield().

   %TH_ATTR
        %TH_ATTR = (
            -align  => 'LEFT', 
            -valign => 'TOP',
            -width  => '20%',
        );

    Default attributes used by gen_th().

  SUBROUTINES
   calc_checksum
        my $md5 = calc_checksum(LIST);

        # LIST are items to be fed into the checksum

    Walks list and expands array references. Passes through call to
    Digest::MD5::md5_hex() using $CHECKSUM_SALT and walked list.

    LIST items, and referenced array items, should be strings, otherwise the
    checksum seems to be different for each hit (?).

    Calls Carp::confess() on error.

   dump_cookies
        push @debug_html, pre(escapeHTML(dump_cookies()));

    Calls get_cookies_as_rhh() (see below), feeds the returned reference to
    Data::Dumper->Dump(), and returns the result.

   dump_params
        push @debug_html, pre(escapeHTML(dump_params()));

        push @debug_html, pre(escapeHTML(dump_params(OBJECT)));

        # OBJECT (optional) is a CGI object or CGI-derived object

    Calls get_params_as_rha() (see below), feeds the returned reference to
    Data::Dumper->Dump(), and returns the result.

   gen_checkbox
        push @html, gen_checkbox(ARGS);

        # ARGS are named arguments

    Merges named arguments ARGS with default arguments %CHECKBOX_ARGS (ARGS
    have priority), and passes through call with net arguments to
    CGI::checkbox().

   gen_hidden
        push @html, gen_hidden(-name => NAME, -value => VALUE);

        # NAME is a CGI parameter name

        # VALUE is the parameter value, or a reference to a list of values

    Returns an array of HTML elements:

    [0] A hidden control with name NAME and value VALUE.

    [1] A hidden control with name given by NAME with '_ck' suffix and value
    given by calling calc_checksum() with $CHECKSUM_SALT and incoming
    arguments.

    Calls Carp::confess() on error.

   gen_password_field
        push @html, gen_password_field(ARGS);

        # ARGS are named arguments

    Merges named arguments ARGS with default arguments %PASSWORD_FIELD_ARGS
    (ARGS have priority), and passes through call with net arguments to
    CGI::password_field().

   gen_td
        push @html, table( Tr([
            th('one') . gen_td(ARGS),
            th('two') . gen_td(ATTR, ARGS),
        ]));

        # ARGS are named arguments

        # ATTR (optional) is a reference to a hash of attributes

    Merges named attributes ATTR with default attributes %TD_ATTR (ATTR has
    priority) and passes through call with net attributes and arguments to
    CGI::td().

   gen_textarea
        push @html, gen_textarea(ARGS);

        # ARGS is a list of named arguments

    Merges name arguments ARGS with default arguments %TEXTAREA_ARGS (ARGS
    has priority) and passes through call with net arguments to
    CGI::textarea().

   gen_textfield
        push @html, gen_textfield(ARGS);

        # ARGS is a list of named arguments

    Merges named arguments ARGS with default arguments %TEXTAREA_ARGS (ARGS
    has priority) and passes through call with net attributes and arguments
    to CGI::textfield().

   gen_th
        push @html, table( Tr([
            gen_th(ARGS)       . td(1),
            gen_th(ATTR, ARGS) . td(2),
        ]));

        # ARGS is a list of arguments

        # ATTR (optional) is a reference to a hash of named attributes

    Merges named attributes ATTR with default attributes %TH_ATTR (ATTR has
    priority) and passes through call with net attributes and arguments to
    CGI::th().

   get_cookies_as_rhh
        my $cookies = get_cookies_as_rhh();

    Calls CGI::cookie() in list context for all CGI cookies and returns a
    reference to a hash-of-hashes data structure.

   get_params_as_rha
        my $params = get_params_as_rha();

        my $params = get_params_as_rha(OBJECT);

        # OBJECT (optional) is a CGI object or CGI-derived object

    Calls CGI::param() in list context for all CGI parameters and returns a
    hash-of-arrays data structure.

    Calls Carp::confess() on error.

   merge_args
        merge_args(ARRAYREF, ARGS);

        # ARRAYREF is a reference to an array

        # ARGS is a reference to a hash of named arguments

    Inserts or merges named arguments ARGS into array referenced by
    ARRAYREF. Typically used with CGI.pm widget generating functions, such
    as textarea(). Referenced array is modified in the process, and
    key/value pairs may be reordered. Returns void.

    Calls Carp::confess() on error.

   merge_attr
        merge_attr(ARRAYREF, ATTR);

        # ARRAYREF is a reference to an array

        # ATTR is a reference to a hash of named attributes

    Inserts or merges named attributes ATTR into array referenced by
    ARRAYREF. Attributes in first element of referenced array take
    precedence over attributes in ATTR. Typically used with CGI.pm tag
    generating functions, such as td(). First element of referenced array
    may be created or modified in the process. Returns void. Doesn't bother
    to merge if reference array is empty. Returns void.

    Calls Carp::confess() on error.

   nbsp
        push @html, nbsp();

        push @html, nbsp(EXPR);

        # EXPR (optional) is a whole number

    Returns one or more nonbreaking space HTML character entities.

    Calls Carp::confess() on error.

   untaint_checkbox
        my @untainted = untaint_checkbox(LIST);

        # LIST are strings to be untainted

    Passes through call to untaint_regex() using a RX suitable for checkboxs
    ('on').

   untaint_path
        my @untainted = untaint_path(LIST);

        # LIST are strings to be untainted

    Passes through call to untaint_regex() using a RX suitable for Unix
    paths (everying except NULL).

   untaint_regex
        my @untainted = untaint_regex(RX, LIST);

        # RX is a regular epxression

        # LIST are strings to be untainted

    Applies regular expression to each element in LIST. If LIST is empty,
    returns void. In list context, process LIST and return first captured
    substrings for each LIST item. In scalar context, process first LIST
    item and return first captured substring.

    Caller usually creates RX with the quote regular expression operator
    'qr()'.

    Returns undef for LIST elements that are references.

    Calls Carp::confess() on error.

    Calls Carp::cluck() if LIST contains undefined values or references.

   untaint_textarea
        my @untainted = untaint_textarea(LIST);

        # LIST are strings to be untainted

    Passes through call to untaint_regex() using a RX suitable for text
    areas (printable characters plus carriage return and line feed).

   untaint_textfield
        my @untainted = untaint_textfield(LIST);

        # LIST are strings to be untainted

    Passes through call to untaint_regex() using a RX suitable for
    textfields (printable characters).

   validate_checkbox
        push @errors, validate_checkbox(NAME);

        # NAME is a CGI parameter name

    Performs checkbox checks on CGI parameter with name NAME. Skips checks
    if CGI parameter does not exist (e.g. empty or fresh hit). Returns error
    strings if problems found.

    Calls Carp::confess() on error.

   validate_hidden
        push @errors, validate_hidden(NAME);

        # NAME is a CGI parameter name

    Performs hidden field checks on CGI parameter with name NAME. Skips
    checks if no CGI parameters exist (e.g. fresh hit). Returns error
    strings if problems found.

    Calls Carp::confess() on error.

   validate_parameter_present
        push @errors, validate_required_parameters(LIST);

        # LIST are CGI parameter names

    Checks that the CGI parameters with names in LIST are defined and have
    values. Skips checks if no CGI parameters exist (e.g. fresh hit).
    Returns list of error strings if problems found.

    Calls Carp::confess() on error.

   validate_password_field
        push @errors, validate_password_field(NAME);

        # NAME is a CGI parameter name

    Performs password field checks on CGI parameter with name NAME. Skips
    checks if CGI parameter does not exist (e.g. empty or fresh hit).
    Returns error strings if problems found.

    Calls Carp::confess() on error.

   validate_textarea
        push @error, validate_textarea(NAME);

        # NAME is a CGI parameter name

    Performs textarea checks on CGI parameter with name NAME. Skips checks
    if parameter does not exist (e.g. empty or fresh hit). Returns error
    strings if problems found.

    Calls Carp::confess() on error.

   validate_textfield
        push @errors, validate_textfield(NAME);

        # NAME is a CGI parameter name

    Performs textfield checks on CGI parameter with name NAME. Skips checks
    if parameter does not exist (e.g. empty or fresh hit). and returns error
    strings if problems found.

    Calls Carp::confess() on error.

  EXPORT
    None by default.

    All of the subroutines may be imported by using the ':all' tag:

        use Dpchrist::CGI           qw( :all );

    See 'perldoc Export' for everything in between.

INSTALLATION
    Old school:

        $ perl Makefile.PL
        $ make
        $ make test
        $ make install

    Minimal:

        $ cpan Dpchrist::CGI

    Complete:

        $ cpan Bundle::Dpchrist

    The following warning may be safely ignored:

        Can't locate Dpchrist/Module/MakefilePL.pm in @INC (@INC contains: /
        etc/perl /usr/local/lib/perl/5.10.0 /usr/local/share/perl/5.10.0 /us
        r/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.10 /usr/share/perl/5.10
        /usr/local/lib/site_perl .) at Makefile.PL line 22.

  PREREQUISITES
    See Makefile.PL in the source distribution root directory.

SEE ALSO
        CGI.pm

AUTHOR
    David Paul Christensen dpchrist@holgerdanske.com

COPYRIGHT AND LICENSE
    Copyright (C) 2010 by David Paul Christensen

    This program is free software; you can redistribute it and/or modify it
    under the terms of the GNU General Public License as published by the
    Free Software Foundation; version 2.

    This program is distributed in the hope that it will be useful, but
    WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
    Public License for more details.

    You should have received a copy of the GNU General Public License along
    with this program; if not, write to the Free Software Foundation, Inc.,
    59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.

